CN111132156A - Registration method of 5G user terminal, user terminal equipment and medium - Google Patents

Publication number
CN111132156A
Authority
CN
China
Prior art keywords
public key
user terminal
temporary identity
block
registration server
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911402182.4A
Other languages
Chinese (zh)
Other versions
CN111132156B (en)
Inventor
路成业
王凌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Iallchain Co Ltd
Original Assignee
Iallchain Co Ltd
Application filed by Iallchain Co Ltd
Priority to CN201911402182.4A
Publication of CN111132156A
Application granted
Publication of CN111132156B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H04W12/06 Authentication
    • H04W12/12 Detection or prevention of fraud
    • H04W12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122 Counter-measures against attacks; Protection against rogue devices
    • H04W60/00 Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Embodiments of the invention provide a registration method for a 5G user terminal, a user terminal device and a medium. The public key of the target operator is obtained over a first path between the 5G user terminal device and a first temporary identity registration server, and the key obtained over the first path is verified over a second path between the 5G user terminal device and a second temporary identity registration server, so that the target operator's public key can be prevented from being replaced or tampered with during distribution. After the public key of the target operator is obtained, the second public key corresponding to the user's permanent identity is encrypted, using a preset encryption algorithm, with the public key of the target operator and the first public key corresponding to the user's temporary identity, and the encrypted data is sent to the temporary identity registration server for identity registration. This improves the security and confidentiality with which the 5G user terminal device sends its permanent-identity public key to the temporary identity registration server.

Description

Registration method of 5G user terminal, user terminal equipment and medium
Technical Field
Embodiments of the invention relate to the technical field of blockchain, and in particular to a registration method for a 5G user terminal, a user terminal device and a medium.
Background
In the standard 5G registration process, a SIM card is inserted into the 5G user terminal device (UE for short). The SIM card holds the operator's public key, or a key shared between the 5G UE and the operator, and no man in the middle can modify the key built into the SIM card, so a man-in-the-middle attack cannot be carried out. In a SIM-less access scheme, however, when a 5G UE without a SIM card submits its own public key, a malicious man in the middle or eavesdropper can easily replace that public key without the operator detecting it, so all confidential communication between the 5G UE and the operator may be monitored.
Disclosure of Invention
Embodiments of the invention provide a registration method for a 5G user terminal, a user terminal device and a medium, which improve the security and confidentiality of data when a 5G user terminal device without a SIM card registers its identity.
A first aspect of an embodiment of the present invention provides a registration method for a 5G user terminal, where the method includes:
The 5G user terminal device sends a registration application to a first temporary identity registration server in a blockchain, where the registration application includes a first public key corresponding to a temporary identity generated by the 5G user terminal device and an identifier of a target operator, and the operator's public key is recorded in a block of the blockchain; the 5G user terminal device receives a first feedback message returned by the first temporary identity registration server in response to the registration application, where the first feedback message includes the public key of the target operator and at least one block number, and the block corresponding to the block number contains a transaction record signed with the private key of the target operator; the 5G user terminal device sends one or more of the at least one block number to a second temporary identity registration server in the blockchain, so that the second temporary identity registration server returns the block content of the corresponding block; the 5G user terminal device verifies the private-key signature on the transaction record in the block content using the public key of the target operator; and, if the verification passes, the 5G user terminal device encrypts a second public key corresponding to its permanent identity with the public key of the target operator and the first public key according to a preset encryption algorithm, and sends the resulting first encrypted data to the first temporary identity registration server for identity registration.
In a possible implementation manner, before the 5G user terminal device sends the registration application to the first temporary identity registration server in the blockchain, the method further includes:
The 5G user terminal device outputs first prompt information, which prompts the user to enter an encryption password; and the 5G user terminal device encrypts and stores the pre-generated first private key corresponding to the temporary identity according to the encryption password entered by the user.
In one possible embodiment, the method further comprises:
The 5G user terminal device encrypts its IMEI number with the public key of the target operator and the first public key according to a preset encryption algorithm, and sends the resulting second encrypted data together with the first encrypted data to the first temporary identity registration server for identity registration.
In a possible embodiment, sending the second encrypted data together with the first encrypted data to the first temporary identity registration server for identity registration includes:
Digitally signing the first encrypted data and the second encrypted data with the first private key corresponding to the temporary identity, and sending the signed data to the first temporary identity registration server.
In a possible implementation manner, before the 5G user terminal device verifies the private-key signature on the transaction record in the block content using the public key of the target operator, the method further includes:
Performing hash value verification on the block content and, if the block content passes the verification, executing the step of verifying the private-key signature on the transaction record in the block content using the public key of the target operator.
A second aspect of an embodiment of the present invention provides a 5G user terminal device, including: a processor and a memory, the memory having instructions stored therein that when executed by the processor perform the following:
Sending a registration application to a first temporary identity registration server in a blockchain, where the registration application includes a first public key corresponding to a temporary identity generated by the 5G user terminal device and an identifier of a target operator, and the operator's public key is recorded in a block of the blockchain; receiving a first feedback message returned by the first temporary identity registration server in response to the registration application, where the first feedback message includes the public key of the target operator and at least one block number, and the block corresponding to the block number contains a transaction record signed with the private key of the target operator; sending one or more of the at least one block number to a second temporary identity registration server in the blockchain, so that the second temporary identity registration server returns the block content of the corresponding block; verifying the private-key signature on the transaction record in the block content using the public key of the target operator; and, if the verification passes, encrypting a second public key corresponding to the permanent identity of the user with the public key of the target operator and the first public key according to a preset encryption algorithm, and sending the resulting first encrypted data to the first temporary identity registration server for identity registration.
In one possible implementation, before the processor sends the registration request to the first temporary identity registration server in the blockchain, the method further includes:
Outputting first prompt information, which prompts the user to enter an encryption password; and encrypting and storing the pre-generated first private key corresponding to the temporary identity according to the encryption password entered by the user.
In one possible implementation, the processor is further configured to:
Encrypt the IMEI number of the 5G user terminal device with the public key of the target operator and the first public key according to a preset encryption algorithm, and send the resulting second encrypted data together with the first encrypted data to the first temporary identity registration server for identity registration.
In a possible implementation manner, the processor, when performing the operation of sending the second encrypted data together with the first encrypted data to the first temporary identity registration server for identity registration, is configured to:
Digitally sign the first encrypted data and the second encrypted data with the first private key corresponding to the temporary identity, and send the signed data to the first temporary identity registration server.
A third aspect of embodiments of the present invention provides a computer-readable storage medium, which includes instructions that, when executed on a computer, cause the computer to perform the method of the first aspect.
In the embodiments of the invention, the 5G user terminal device places the identifier of the target operator and the first public key corresponding to a pre-generated temporary identity in a registration application and sends it to a first temporary identity registration server in the blockchain. The first temporary identity registration server returns to the 5G user terminal device a first feedback message that carries the public key of the target operator and the block number of a block containing a transaction record signed with the target operator's private key. The 5G user terminal device sends one or more of the block numbers to a second temporary identity registration server in the blockchain, which returns the block content of the corresponding block. The 5G user terminal device verifies the private-key signature on the transaction record in the block content using the public key of the target operator and, after the verification passes, encrypts the second public key corresponding to the permanent identity of the user with the public key of the target operator and the first public key according to a preset encryption algorithm, and sends the resulting first encrypted data to the first temporary identity registration server for identity registration.
Because the public key of the target operator is obtained over a first path between the 5G user terminal device and the first temporary identity registration server and is verified over a second path between the 5G user terminal device and the second temporary identity registration server, the public key of the target operator can be prevented from being replaced or tampered with in transit, which improves the security of its delivery. Furthermore, after the public key of the target operator is obtained, the second public key corresponding to the permanent identity of the user is encrypted, using a preset encryption algorithm, with the public key of the target operator and the first public key corresponding to the temporary identity of the user, and the encrypted data is sent to the temporary identity registration server for identity registration. This improves the security and confidentiality with which the 5G user terminal device sends its permanent-identity public key to the temporary identity registration server, and thereby protects the security and confidentiality of the whole registration process.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a registration method of a 5G user terminal according to an embodiment of the present application;
Fig. 2 is a schematic structural diagram of a communication system according to an embodiment of the present invention;
Fig. 3 is a flowchart of a registration method of a 5G user terminal according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of a 5G user terminal device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "comprises" and "comprising," and any variations thereof, in the description and claims of this invention, are intended to cover non-exclusive inclusions, e.g., a process or an apparatus that comprises a list of steps is not necessarily limited to those structures or steps expressly listed but may include other steps or structures not expressly listed or inherent to such process or apparatus.
Fig. 1 is a flowchart of a registration method of a 5G user terminal according to an embodiment of the present application, and as shown in fig. 1, the method includes:
Step 101, the 5G user terminal device sends a registration application to a first temporary identity registration server in the blockchain, where the registration application includes a first public key corresponding to the temporary identity generated by the 5G user terminal device and an identifier of a target operator, and the operator's public key is recorded in a block of the blockchain.
The blockchain in this embodiment is maintained jointly by multiple operators. The temporary identity registration server of each operator accesses the blockchain and records and maintains the latest public keys of all operators in it. A 5G UE or other terminal device may join the blockchain as a node, and the blockchain may be used to record the registration information of each node and the transaction information between nodes. The 5G UE in this embodiment need not have full blockchain access functionality, as long as it can verify and parse blocks on the blockchain and retrieve block records under specified conditions.
For example, Fig. 2 is a schematic structural diagram of a communication system according to an embodiment of the present invention. In the system shown in Fig. 2, the device UE can be understood as the 5G user terminal device of this embodiment. The 5G core network (5GC) 5GC1 of operator 1 sends the public key of operator 1 to the blockchain to be recorded in the ledger, the 5G core network 5GC2 of operator 2 sends the public key of operator 2 to the blockchain to be recorded in the ledger, and temporary identity registration server 1 of operator 1 and temporary identity registration server 2 of operator 2 access the blockchain and record and maintain the operators' public keys. In the registration process, the 5G UE first generates a public key and a private key corresponding to a temporary identity (called the first public key and the first private key for ease of distinction) and prompts the user to enter an encryption password, with which the first private key is encrypted and stored locally. It then sends a registration application carrying the first public key and the target operator identifier, through the 5G base station gNB1, to an Access and Mobility Management Function (AMF) or a Session Management Function (SMF) in 5GC1, and the AMF or SMF notifies a User Plane Function (UPF) to forward the registration application to temporary identity registration server 1. After receiving the registration application, temporary identity registration server 1 looks up the public key of the target operator in the blockchain ledger according to the identifier of the target operator, signs the retrieved public key of the target operator and at least one block number with its own private key, and returns the signed first feedback message to the 5G UE. The block corresponding to each block number returned by temporary identity registration server 1 contains a transaction record signed with the private key of the target operator.
Step 102, the 5G user terminal device receives a first feedback message returned by the first temporary identity registration server in response to the registration application, where the first feedback message includes the public key of the target operator and at least one block number, and the block corresponding to the block number contains a transaction record signed with the private key of the target operator.
After receiving the first feedback message returned by the first temporary identity registration server, the 5G UE first verifies the private-key signature on the first feedback message using the previously obtained public key of the first temporary identity registration server and, if the verification passes, obtains the public key of the target operator and the block number from the first feedback message.
Step 103, the 5G user terminal device sends one or more of the at least one block number to a second temporary identity registration server in the blockchain, so that the second temporary identity registration server returns the block content of the corresponding block.
Still taking Fig. 2 as an example, after the 5G UE receives the first feedback message, it sends one or more of the block numbers carried in the first feedback message, through the 5G base station gNB2 of operator 2, to the AMF or SMF in 5GC2. The AMF or SMF notifies the UPF of operator 2 to forward the one or more block numbers to temporary identity registration server 2, and temporary identity registration server 2 returns the block content corresponding to the one or more block numbers to the 5G UE.
Step 104, the 5G user terminal device verifies the private-key signature on the transaction record in the block content using the public key of the target operator.
After receiving the block content returned by the second temporary identity registration server, the 5G user terminal device verifies the signatures of all records, or of any one or more records, in the block content using the public key of the target operator. If all the records, or the one or more records checked, pass signature verification, the public key of the target operator is determined not to have been replaced or tampered with.
Optionally, to ensure that the block content returned by the second temporary identity registration server is accurate, this embodiment may also check the block content by hash verification before verifying the private-key signature on the transaction record. For example, the accuracy of the block content may be determined by computing the hash value of the block content and comparing it with the hash value of that block recorded in the blockchain to see whether the two are consistent, or by checking whether the computed hash value is smaller than a preset difficulty value and/or whether the block content includes the hash value of the previous block. If the block content is judged to be accurate, the step of verifying the private-key signature on the transaction record is then executed.
Step 105, if the verification passes, the 5G user terminal device encrypts a second public key corresponding to its permanent identity with the public key of the target operator and the first public key according to a preset encryption algorithm, and sends the resulting first encrypted data to the first temporary identity registration server for identity registration.
The preset encryption algorithm in this embodiment is an encryption algorithm shared by the 5G UE and the first temporary identity registration server. To ensure that the second public key of the permanent identity sent by the 5G UE is not monitored or replaced, before sending the second public key to the first temporary identity registration server the 5G UE encrypts it, according to the preset encryption algorithm, with the public key of the target operator, or with the public key of the target operator and the first public key. The encrypted data is signed with the first private key of the 5G UE and then sent to the first temporary identity registration server. On receiving the encrypted data, the first temporary identity registration server first verifies the private-key signature on it using the first public key of the 5G UE; if the verification passes, it decrypts the encrypted data based on the preset encryption algorithm to obtain the second public key of the 5G UE, and registers the 5G UE based on the second public key.
Of course, those skilled in the art will understand that although the above embodiment describes only a method for encrypting the second public key of the 5G UE, in an actual scenario other registration information of the 5G UE may be encrypted in addition to the second public key.
In this embodiment, the 5G user terminal device places the identifier of the target operator and the first public key corresponding to a pre-generated temporary identity in a registration application and sends it to a first temporary identity registration server in the blockchain. The first temporary identity registration server returns to the 5G user terminal device a first feedback message that carries the public key of the target operator and the block number of a block containing a transaction record signed with the target operator's private key. The 5G user terminal device sends one or more of the block numbers to a second temporary identity registration server in the blockchain, which returns the block content of the corresponding block. The 5G user terminal device verifies the private-key signature on the transaction record in the block content using the public key of the target operator and, after the verification passes, encrypts the second public key corresponding to the permanent identity of the user with the public key of the target operator and the first public key according to a preset encryption algorithm, and sends the resulting first encrypted data to the first temporary identity registration server for identity registration.
Because the public key of the target operator is obtained over a first path between the 5G user terminal device and the first temporary identity registration server and is verified over a second path between the 5G user terminal device and the second temporary identity registration server, the public key of the target operator can be prevented from being replaced or tampered with in transit, which improves the security of its delivery. Furthermore, after the public key of the target operator is obtained, the second public key corresponding to the permanent identity of the user is encrypted, using a preset encryption algorithm, with the public key of the target operator and the first public key corresponding to the temporary identity of the user, and the encrypted data is sent to the temporary identity registration server for identity registration. This improves the security and confidentiality with which the 5G user terminal device sends its permanent-identity public key to the temporary identity registration server, and thereby protects the security and confidentiality of the whole registration process.
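The UE-side check in steps 102 to 104 can be sketched as follows. This is an added example, not code from the patent: Ed25519 stands in for the unspecified signature scheme, the block layout, the message encoding and the names VerifyOperatorKey, Feedback, Block, Tx and Scenario are assumptions made for illustration, and all keys and records are constructed sample data.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Tx is a transaction record signed with an operator's private key.
type Tx struct{ Payload, Sig []byte }

// Block is the second-path reply: content plus recorded hash (assumed layout).
type Block struct {
	Number       uint64
	Txs          []Tx
	RecordedHash [32]byte
}

// Feedback is the first feedback message, signed by registration server 1.
type Feedback struct {
	OperatorID  string
	OperatorPub ed25519.PublicKey
	BlockNums   []uint64
	Sig         []byte
}

var (
	ErrFeedback    = errors.New("first feedback message malformed or badly signed")
	ErrBlockHash   = errors.New("block content does not match its recorded hash")
	ErrOperatorKey = errors.New("no record in the block verifies under the operator key")
)

// hashBlock recomputes the block hash over the number and every record.
func hashBlock(b Block) [32]byte {
	var buf bytes.Buffer
	fmt.Fprintf(&buf, "%d", b.Number)
	for _, tx := range b.Txs {
		fmt.Fprintf(&buf, "|%x:%x", tx.Payload, tx.Sig)
	}
	return sha256.Sum256(buf.Bytes())
}

// signedPart is the byte string server 1 signs (encoding assumed).
func signedPart(f Feedback) []byte {
	return []byte(fmt.Sprintf("%q|%x|%v", f.OperatorID, f.OperatorPub, f.BlockNums))
}

// VerifyOperatorKey runs steps 102 to 104 on the UE. fetch is the second
// path: it asks the second registration server for a block by number.
func VerifyOperatorKey(f Feedback, srv1 ed25519.PublicKey, fetch func(uint64) (Block, error)) (ed25519.PublicKey, error) {
	// ed25519.Verify panics on wrong-length keys, so check sizes first.
	if len(srv1) != ed25519.PublicKeySize || len(f.OperatorPub) != ed25519.PublicKeySize ||
		len(f.BlockNums) == 0 || !ed25519.Verify(srv1, signedPart(f), f.Sig) {
		return nil, ErrFeedback
	}
	for _, n := range f.BlockNums {
		b, err := fetch(n)
		if err != nil {
			return nil, fmt.Errorf("second path, block %d: %w", n, err)
		}
		if b.Number != n || hashBlock(b) != b.RecordedHash {
			return nil, ErrBlockHash
		}
		signed := false
		for _, tx := range b.Txs {
			signed = signed || ed25519.Verify(f.OperatorPub, tx.Payload, tx.Sig)
		}
		if !signed {
			return nil, ErrOperatorKey
		}
	}
	return f.OperatorPub, nil
}

// Scenario runs the check on constructed sample data. substituteKey makes the
// first path deliver another party's key; alterBlock changes the block content.
func Scenario(substituteKey, alterBlock bool) error {
	key := func(s byte) ed25519.PrivateKey { return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{s}, ed25519.SeedSize)) }
	srv1, operator, other := key(1), key(2), key(3)
	payload := []byte("operator-A: constructed sample record")
	blk := Block{Number: 7, Txs: []Tx{{Payload: payload, Sig: ed25519.Sign(operator, payload)}}}
	blk.RecordedHash = hashBlock(blk)
	if alterBlock {
		blk.Txs[0].Payload = []byte("operator-A: altered record")
	}
	pub := operator.Public().(ed25519.PublicKey)
	if substituteKey {
		pub = other.Public().(ed25519.PublicKey)
	}
	f := Feedback{OperatorID: "operator-A", OperatorPub: pub, BlockNums: []uint64{7}}
	f.Sig = ed25519.Sign(srv1, signedPart(f))
	_, err := VerifyOperatorKey(f, srv1.Public().(ed25519.PublicKey), func(uint64) (Block, error) { return blk, nil })
	return err
}

func main() { fmt.Println(Scenario(false, false), Scenario(true, false), Scenario(false, true)) }
```

The check shows only that the holder of the returned key signed a record in the fetched block; the description does not say how that record is bound to the operator identifier.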
Fig. 3 is a flowchart of a registration method of a 5G user terminal according to an embodiment of the present application, and as shown in fig. 3, on the basis of the foregoing embodiment, the method includes:
Step 301, the 5G user terminal device sends a registration application to a first temporary identity registration server in the blockchain, where the registration application includes a first public key corresponding to the temporary identity generated by the 5G user terminal device and an identifier of a target operator, and the operator's public key is recorded in a block of the blockchain.
In this embodiment, the 5G UE searches for 5G signal strength information in its surroundings and determines the target operator according to the signal strength information of each nearby operator. The identifier of the target operator and the first public key of the target operator are carried in the registration application and sent to the temporary identity registration server.
Step 302, the 5G user terminal device receives a first feedback message returned by the first temporary identity registration server according to the registration application, where the first feedback message includes a public key of the target operator and at least one block number, and a block corresponding to the block number includes a transaction record signed by a private key of the target operator.
Step 303, the 5G user terminal device sends one or more of the at least one block number to a second temporary identity registration server in the block chain, so that the second temporary identity registration server returns the block content of the corresponding block.
Step 304, the 5G user terminal device performs private key signature verification on the transaction record in the block content according to the public key of the target operator.
Step 305, if the verification is passed, the 5G user terminal device encrypts a second public key corresponding to the permanent identity of the user terminal device and an IMEI number by using the public key of the target operator and the first public key according to a preset encryption algorithm, and sends the resulting first encrypted data and second encrypted data together to the first temporary identity registration server for identity registration.
When the first encrypted data and the second encrypted data are sent to the temporary identity registration server for identity registration, the first private key corresponding to the temporary identity may be used to digitally sign the first encrypted data and the second encrypted data, and the signed data may be sent to the temporary identity registration server. After receiving the signed data, the temporary identity registration server verifies it based on the first public key. If the verification is correct, the server decrypts the first encrypted data and the second encrypted data based on the public key of the temporary identity registration server and the first public key of the 5G UE to obtain the second public key and the International Mobile Equipment Identity (IMEI) number, and registers the 5G UE based on the second public key and the IMEI number.
Of course, it should be understood by those skilled in the art that, although the example of sending the second public key and the IMEI number of the 5G UE to the temporary identity registration server for registration is described in this embodiment, it is not excluded that other information is also sent to the temporary identity registration server for registration in other scenarios, for example, in a possible manner, the hash value of the second public key or the hash value of the second public key and the IMEI number may also be sent to the temporary identity registration server for registration in an encrypted manner.
In this embodiment, the 5G user terminal device carries the identifier of a target operator and a first public key corresponding to a pre-generated temporary identity in a registration application and sends it to a first temporary identity registration server in the block chain. The first temporary identity registration server then returns to the 5G user terminal device a first feedback message carrying the public key of the target operator and the block number of a block that contains a transaction record signed by the private key of the target operator. The 5G user terminal device sends one or more of the block numbers to a second temporary identity registration server in the block chain, so that the second temporary identity registration server returns the block content of the corresponding block. The 5G user terminal device performs private key signature verification on the transaction record in the block content according to the public key of the target operator. After the verification is passed, it encrypts the second public key corresponding to the permanent identity of the user with the public key of the target operator and the first public key, according to a preset encryption algorithm, and sends the resulting first encrypted data to the first temporary identity registration server for identity registration.
In this embodiment of the invention, the public key of the target operator is acquired over a first path, between the 5G user terminal device and the first temporary identity registration server, and is then verified over a second path, between the 5G user terminal device and the second temporary identity registration server. This prevents the public key of the target operator from being replaced or falsified in transit and improves the security of its delivery. Furthermore, once the public key of the target operator has been acquired, it is used together with the first public key corresponding to the temporary identity of the user to encrypt, through a preset encryption algorithm, the second public key corresponding to the permanent identity of the user, and the encrypted data is sent to the temporary identity registration server for identity registration. This improves the security and confidentiality with which the 5G user terminal device sends the permanent identity public key to the temporary identity registration server, and thereby protects the security and confidentiality of the whole registration process.
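The terminal-side check of steps 302 to 304, together with the block hash check that precedes signature verification, can be exercised as in the following added example, which is not part of the patent text. The Ed25519 signatures, SHA-256 block hash, JSON block layout and all function names are assumptions, since the patent leaves the algorithms and formats open; the keys and blocks are constructed.

```javascript
// Added example (not from the patent): UE-side check of steps 302-304.
// Assumed for illustration: Ed25519 signatures, SHA-256 block hashes and the
// JSON block layout { number, transactions: [{ payload, signature }], hash }.
const crypto = require('node:crypto');

// Recompute the hash over the block body (the hash check done before step 304).
function blockHash(block) {
  const body = JSON.stringify({ number: block.number, transactions: block.transactions });
  return crypto.createHash('sha256').update(body).digest('hex');
}

// Build a constructed block holding one transaction record signed by signerKey.
function makeBlock(number, payload, signerKey) {
  const signature = crypto.sign(null, Buffer.from(payload), signerKey).toString('base64');
  const block = { number, transactions: [{ payload, signature }] };
  block.hash = blockHash(block);
  return block;
}

// True if the record's signature verifies under the key received on path 1.
function recordVerifies(tx, operatorKey) {
  try {
    const sig = Buffer.from(tx.signature, 'base64');
    return crypto.verify(null, Buffer.from(tx.payload), operatorKey, sig);
  } catch (err) {
    return false; // malformed record or unsupported key type
  }
}

// feedback: first feedback message from the first server (path 1).
// fetchBlock: callback that asks the second server for a block (path 2).
function verifyOperatorKey(feedback, fetchBlock) {
  let operatorKey;
  try {
    operatorKey = crypto.createPublicKey(feedback.operatorPublicKeyPem);
  } catch (err) {
    return { ok: false, reason: 'operator public key does not parse' };
  }
  if (!Array.isArray(feedback.blockNumbers) || feedback.blockNumbers.length === 0) {
    return { ok: false, reason: 'feedback carries no block number' };
  }
  for (const number of feedback.blockNumbers) {
    const block = fetchBlock(number);
    if (!block || block.number !== number || !Array.isArray(block.transactions)) {
      return { ok: false, reason: `block ${number} missing or malformed` };
    }
    if (block.hash !== blockHash(block)) {
      return { ok: false, reason: `block ${number} hash mismatch` };
    }
    if (!block.transactions.some((tx) => recordVerifies(tx, operatorKey))) {
      return { ok: false, reason: `block ${number} has no record signed by this key` };
    }
  }
  return { ok: true, reason: 'operator key confirmed over second path' };
}

// Constructed scenario: honest feedback, a substituted key, and an altered block.
function demo() {
  const operator = crypto.generateKeyPairSync('ed25519');
  const substitute = crypto.generateKeyPairSync('ed25519');
  const pem = (key) => key.export({ type: 'spki', format: 'pem' });
  const chain = new Map([
    [7, makeBlock(7, 'constructed record A', operator.privateKey)],
    [9, makeBlock(9, 'constructed record B', operator.privateKey)],
  ]);
  const secondServer = (n) => chain.get(n);
  const altered = JSON.parse(JSON.stringify(chain.get(7)));
  altered.transactions[0].payload = 'altered in transit';
  const good = { operatorPublicKeyPem: pem(operator.publicKey), blockNumbers: [7, 9] };
  const swapped = { operatorPublicKeyPem: pem(substitute.publicKey), blockNumbers: [7, 9] };
  return {
    honest: verifyOperatorKey(good, secondServer),
    substitutedKey: verifyOperatorKey(swapped, secondServer),
    alteredBlock: verifyOperatorKey({ ...good, blockNumbers: [7] }, () => altered),
  };
}

console.log(demo());
```

The check confirms only that each block fetched over the second path is internally consistent and contains a record that verifies under the key received over the first path; registration (step 305) should proceed only when `ok` is true.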
Fig. 4 is a schematic structural diagram of a 5G user terminal device provided in an embodiment of the present application. As shown in Fig. 4, a device 40 includes a processor 41 and a memory 42, where the memory 42 stores instructions, and when the processor 41 executes the instructions, the following operations are performed: sending a registration application to a first temporary identity registration server in a block chain, wherein the registration application comprises a first public key corresponding to a temporary identity generated by the 5G user terminal equipment and an identifier of a target operator, and a public key of the operator is recorded in a block of the block chain; receiving a first feedback message returned by the first temporary identity registration server according to the registration application, wherein the first feedback message comprises a public key of the target operator and at least one block number, and a block corresponding to the block number comprises a transaction record signed by a private key of the target operator; sending one or more of the at least one block number to a second temporary identity registration server in the block chain, so that the second temporary identity registration server returns the block contents of the corresponding block; performing private key signature verification on the transaction record in the block content according to the public key of the target operator; and if the verification is passed, encrypting a second public key corresponding to the permanent identity of the user by adopting the public key of the target operator and the first public key according to a preset encryption algorithm, and sending the encrypted first encrypted data to the first temporary identity registration server for identity registration.
In one possible implementation, before the processor sends the registration request to the first temporary identity registration server in the blockchain, the method further includes:
Outputting first prompt information, wherein the first prompt information is used for prompting a user to input an encryption password; and encrypting and storing, according to the encryption password input by the user, the pre-generated first private key corresponding to the temporary identity.
In one possible implementation, the processor is further configured to:
Encrypting the IMEI number of the 5G user terminal equipment by adopting the public key of the target operator and the first public key according to a preset encryption algorithm, and sending the second encrypted data obtained by encryption together with the first encrypted data to the first temporary identity registration server for identity registration.
In a possible implementation manner, the processor, when performing the operation of sending the encrypted second encrypted data together with the first encrypted data to the first temporary identity registration server for identity registration, is configured to:
Digitally signing the first encrypted data and the second encrypted data by adopting a first private key corresponding to the temporary identity, and sending the signed data to the first temporary identity registration server.
The device provided by this embodiment can execute the method of any of the above embodiments, and the execution manner and effect are similar, which are not described herein again.
Embodiments of the present invention also provide a computer-readable storage medium, which includes instructions that, when executed on a computer, cause the computer to perform the method provided in any of the above embodiments.
Finally, it should be noted that, as one of ordinary skill in the art will appreciate, all or part of the processes of the methods of the embodiments described above may be implemented by hardware related to instructions of a computer program, where the computer program may be stored in a computer-readable storage medium, and when executed, the computer program may include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), a Random Access Memory (RAM), or the like.
Each functional unit in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a separate product, may also be stored in a computer readable storage medium. The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
The above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A registration method of a 5G user terminal is characterized by comprising the following steps:
the method comprises the steps that 5G user terminal equipment sends a registration application to a first temporary identity registration server in a block chain, wherein the registration application comprises a first public key corresponding to a temporary identity generated by the 5G user terminal equipment and an identifier of a target operator, and a public key of the operator is recorded in a block of the block chain;
the 5G user terminal equipment receives a first feedback message returned by the first temporary identity registration server according to the registration application, wherein the first feedback message comprises a public key of the target operator and at least one block number, and a block corresponding to the block number comprises a transaction record signed by a private key of the target operator;
the 5G user terminal equipment sends one or more of the at least one block number to a second temporary identity registration server in the block chain, so that the second temporary identity registration server returns the block content of the corresponding block;
the 5G user terminal equipment performs private key signature verification on the transaction record in the block content according to the public key of the target operator;
and if the verification is passed, the 5G user terminal equipment encrypts a second public key corresponding to the permanent identity of the 5G user terminal equipment by using the public key of the target operator and the first public key according to a preset encryption algorithm, and sends first encrypted data obtained by encryption to the first temporary identity registration server for identity registration.
2. The method of claim 1, wherein before the 5G user terminal device sends the registration request to the first temporary identity registration server in the blockchain, the method further comprises:
the 5G user terminal equipment outputs first prompt information, wherein the first prompt information is used for prompting a user to input an encryption password;
and the 5G user terminal equipment encrypts and stores a first private key corresponding to the temporary identity generated in advance according to the encrypted password input by the user.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
and the 5G user terminal equipment encrypts the IMEI number of the 5G user terminal equipment by adopting the public key of the target operator and the first public key according to a preset encryption algorithm, and sends second encrypted data obtained by encryption and the first encrypted data to the first temporary identity registration server together for identity registration.
4. The method according to claim 3, wherein the sending the encrypted second encrypted data together with the first encrypted data to the first temporary identity registration server for identity registration comprises:
and digitally signing the first encrypted data and the second encrypted data by adopting a first private key corresponding to the temporary identity, and sending the signed data to the first temporary identity registration server.
5. The method according to claim 1 or 2, wherein before the 5G user terminal device performs private key signature verification on the transaction record in the block content according to the public key of the target operator, the method further comprises:
and carrying out hash value verification on the block content, and if the block content passes the verification, executing a step of carrying out private key signature verification on the transaction record in the block content according to the public key of the target operator.
6. A 5G user terminal device comprising a processor and a memory, the memory having stored therein instructions that when executed by the processor perform the following:
sending a registration application to a first temporary identity registration server in a block chain, wherein the registration application comprises a first public key corresponding to a temporary identity generated by the 5G user terminal equipment and an identifier of a target operator, and a public key of the operator is recorded in a block of the block chain;
receiving a first feedback message returned by the first temporary identity registration server according to the registration application, wherein the first feedback message comprises a public key of the target operator and at least one block number, and a block corresponding to the block number comprises a transaction record signed by a private key of the target operator;
sending one or more of the at least one block number to a second temporary identity registration server in the block chain, so that the second temporary identity registration server returns the block contents of the corresponding block;
performing private key signature verification on the transaction record in the block content according to the public key of the target operator;
and if the verification is passed, encrypting a second public key corresponding to the permanent identity of the user by adopting the public key of the target operator and the first public key according to a preset encryption algorithm, and sending the encrypted first encrypted data to the first temporary identity registration server for identity registration.
7. The apparatus of claim 6, wherein the processor, prior to sending the registration request to the first temporary identity registration server in the blockchain, further comprises:
outputting first prompt information, wherein the first prompt information is used for prompting a user to input an encrypted password;
and encrypting and storing a first private key corresponding to the temporary identity generated in advance according to the encrypted password input by the user.
8. The apparatus of claim 6 or 7, wherein the processor is further configured to:
and encrypting the IMEI number of the 5G user terminal equipment by adopting the public key of the target operator and the first public key according to a preset encryption algorithm, and sending second encrypted data obtained by encryption and the first encrypted data to the first temporary identity registration server together for identity registration.
9. The device of claim 8, wherein the processor, when performing the operation of sending the encrypted second encrypted data together with the first encrypted data to the first temporary identity registration server for identity registration, is configured to:
and digitally signing the first encrypted data and the second encrypted data by adopting a first private key corresponding to the temporary identity, and sending the signed data to the first temporary identity registration server.
10. A computer-readable storage medium comprising instructions that, when executed on a computer, cause the computer to perform the method of any of claims 1-5.
CN201911402182.4A 2019-12-30 2019-12-30 Registration method of 5G user terminal, user terminal equipment and medium Active CN111132156B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911402182.4A CN111132156B (en) 2019-12-30 2019-12-30 Registration method of 5G user terminal, user terminal equipment and medium

Publications (2)

Publication Number Publication Date
CN111132156A (en) 2020-05-08
CN111132156B CN111132156B (en) 2023-04-14

Family

ID=70505881

Country Status (1)

Country Link
CN (1) CN111132156B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111680312A (en) * 2020-06-05 2020-09-18 宗陈星 Information processing method based on big data and block chain and network security cloud server

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002041597A2 (en) * 2000-11-17 2002-05-23 Ipwireless, Inc. Use of internet web technology for wireless internet access
CN106101068A (en) * 2016-05-27 2016-11-09 宇龙计算机通信科技(深圳)有限公司 Terminal communicating method and system
CN108712395A (en) * 2018-04-27 2018-10-26 腾讯科技(深圳)有限公司 Account management method, device, server based on block chain and storage medium
CN109257342A (en) * 2018-09-04 2019-01-22 阿里巴巴集团控股有限公司 Authentication method, system, server and readable storage medium storing program for executing of the block chain across chain
CN109743699A (en) * 2019-01-04 2019-05-10 中国联合网络通信集团有限公司 A kind of communication means and system based on block chain
CN109983466A (en) * 2018-09-27 2019-07-05 区链通网络有限公司 A kind of account management system and management method, storage medium based on block chain
CN110224838A (en) * 2019-06-11 2019-09-10 中国联合网络通信集团有限公司 Data managing method, device and storage medium based on block chain
CN110475249A (en) * 2018-05-10 2019-11-19 华为技术有限公司 A kind of authentication method, relevant device and system
CN110493007A (en) * 2019-09-06 2019-11-22 腾讯科技(深圳)有限公司 A kind of Information Authentication method, apparatus, equipment and storage medium based on block chain
CN110505627A (en) * 2018-05-17 2019-11-26 电信科学技术研究院有限公司 A kind of authentication method and device based on access node group

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100191 1107c, 11 / F, Xueyuan international building, 1 Zhichun Road, Haidian District, Beijing

Applicant after: IALLCHAIN Co.,Ltd.

Address before: 100043 5158, 5 floor, 11 Shixing street, Shijingshan District, Beijing.

Applicant before: IALLCHAIN Co.,Ltd.

GR01 Patent grant